On the Weaknesses of Function Table Randomization

Latest defenses against code-reuse attacks focus on information hiding and randomization as important building blocks. The main idea is that an attacker is not able to find the position of the code she wants to reuse, hence thwarting successful attacks. Current state-of-the-art defenses achieve this by employing concepts such as execute-only memory combined with booby traps.